SONY HACKED, TIE SEEN TO THREAT

Company executive aboard S.D.-bound flight diverted because of bomb scare

Sony Corp. was the target of a bizarre hacking attack Sunday that brought down its online gaming networks and appeared to be linked to a bomb threat on a San Diego-bound flight carrying a Sony executive.

The incident gained widespread publicity because rival groups claiming responsibility for the attack used Twitter to make reference to explosives being onboard an American Airlines flight carrying John Smedley, president of Sony Online Entertainment.

The flight originated in Dallas and was diverted to Phoenix briefly on Sunday. A search found no explosives and it continued to San Diego. The FBI is investigating.

Tech-savvy hackers have used their programming skills to express displeasure with a company or its practices before, said Stephen Cobb, a cybersecurity expert with anti-virus software firm ESET.

The bomb threat tweet posted under the Twitter name @LizardSquad, however, could have been an escalation spurred on by competing claims of responsibility for the Sony network attack.

“As the hacker culture has grown, the original hacker ethical compass has been lost,” Cobb said. “I am really hoping that friends and associates of the person who did that tweet will turn them in. It’s just way across the line.”

The type of attack that hit Sony’s online gaming networks this weekend is one of the oldest hacking techniques. It’s called distributed denial of service. These attacks use so-called botnets — large numbers of infected computers — to bombard a website, overwhelming it and causing it to crash.

“It’s really no different from if you had a small restaurant and someone wants to mess with your business, so they send 10,000 people to the door but no one wants to buy anything. They’re just crowding the place,” said Paul Martini, chief executive of San Diego cyber security software firm iBoss.

Denial-of-service attacks crash websites. They’re not designed to access data. So cybercriminals don’t use them that frequently these days, Martini said. When they do use them, it’s often to make a statement.

“The viruses today are trying to be stealthier,” he said. “They want to stay on the network for a long time stealing data. So this whole scenario doesn’t seem right. It’s almost like a personal vendetta.”

When denial-of-service attacks are used as part of a data-stealing operation, it’s usually as a diversion so criminals can sneak a more malicious bug into the network while security professionals are preoccupied.

In 2011, Sony suspended operations on the PlayStation Network for six weeks after a hacking attack, which led to the theft of data from more than 100 million accounts.

The company said it improved security after that attack by increasing firewalls and adding software to monitor intrusions and system vulnerabilities.

At least one of the groups claiming responsibility for the hack on Twitter, which goes by the name Famed God, said that it did so to expose flaws in Sony’s security system for its online gaming networks.

“The motivation for the people who actually did the attack appears to be some sort of anger at Sony for … not doing a better job of deflecting denial-of-service attacks,” Cobb said.